From 290acf6acca29132f2f11bd97ca92546abc2a88e Mon Sep 17 00:00:00 2001 From: Nutomic Date: Mon, 3 Oct 2022 17:46:42 +0000 Subject: [PATCH] Use compat mode when signing outgoing activities (fixes #1984) (#2473) --- Cargo.lock | 80 ++++++++++++++++++++++++++++++------- crates/api/Cargo.toml | 2 +- crates/api_crud/Cargo.toml | 2 +- crates/apub/Cargo.toml | 2 +- crates/apub/src/lib.rs | 5 ++- crates/apub_lib/Cargo.toml | 31 -------------- crates/db_schema/Cargo.toml | 2 +- 7 files changed, 72 insertions(+), 52 deletions(-) delete mode 100644 crates/apub_lib/Cargo.toml diff --git a/Cargo.lock b/Cargo.lock index fbfb99d1..c3743cac 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -4,15 +4,15 @@ version = 3 [[package]] name = "activitypub_federation" -version = "0.2.0" +version = "0.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "446e75aefabf78ed9cc7e175f0d90c74f478086fb9bc571a9614fb0b7cbe35d4" +checksum = "690ed975ab70b883b4f0776f60fd7f23a7484a49f4257e7672e64d0990e95771" dependencies = [ "activitypub_federation_derive", "actix-web", "anyhow", "async-trait", - "background-jobs", + "background-jobs 0.13.0", "base64", "chrono", "derive_builder 0.11.2", @@ -479,8 +479,18 @@ version = "0.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5c301b3ccb60fa2aadb4da111e27b257ddc4f0509848c43c85764dc14f7a49a3" dependencies = [ - "background-jobs-actix", - "background-jobs-core", + "background-jobs-actix 0.12.0", + "background-jobs-core 0.12.0", +] + +[[package]] +name = "background-jobs" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "793a813f9145c5f3a27b8dcd834c0927de68bbd60d53a369e5894f3cc5759020" +dependencies = [ + "background-jobs-actix 0.13.0", + "background-jobs-core 0.13.0", ] [[package]] @@ -493,7 +503,7 @@ dependencies = [ "anyhow", "async-mutex", "async-trait", - "background-jobs-core", + "background-jobs-core 0.12.0", "num_cpus", "serde", "serde_json", @@ -504,6 +514,27 @@ dependencies = [ "uuid 0.8.2", ] +[[package]] +name = "background-jobs-actix" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8660626a2d8781b50cbe0e3b63d8e2a7e08a90e80fa2bca8e8cc19deff72ebf4" +dependencies = [ + "actix-rt", + "anyhow", + "async-mutex", + "async-trait", + "background-jobs-core 0.13.0", + "num_cpus", + "serde", + "serde_json", + "thiserror", + "tokio", + "tracing", + "tracing-futures", + "uuid 1.1.2", +] + [[package]] name = "background-jobs-core" version = "0.12.0" @@ -523,6 +554,25 @@ dependencies = [ "uuid 0.8.2", ] +[[package]] +name = "background-jobs-core" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "48e78e842fe2ae461319e3d1843c12e301630e65650332b02032ac70b0dfc66f" +dependencies = [ + "actix-rt", + "anyhow", + "async-trait", + "event-listener", + "serde", + "serde_json", + "thiserror", + "time 0.3.14", + "tracing", + "tracing-futures", + "uuid 1.1.2", +] + [[package]] name = "base64" version = "0.13.0" @@ -2189,7 +2239,7 @@ dependencies = [ "actix-web", "actix-web-actors", "anyhow", - "background-jobs", + "background-jobs 0.12.0", "chrono", "diesel", "lemmy_api_common", @@ -2570,9 +2620,9 @@ checksum = "e82dad04139b71a90c080c8463fe0dc7902db5192d939bd0950f074d014339e1" [[package]] name = "openssl" -version = "0.10.41" +version = "0.10.42" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "618febf65336490dfcf20b73f885f5651a0c89c64c2d4a8c3662585a70bf5bd0" +checksum = "12fc0523e3bd51a692c8850d075d74dc062ccf251c0110668cbd921917118a13" dependencies = [ "bitflags", "cfg-if", @@ -2602,9 +2652,9 @@ checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" [[package]] name = "openssl-sys" -version = "0.9.75" +version = "0.9.76" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e5f9bd0c2710541a3cda73d6f9ac4f1b240de4ae261065d309dbe73d9dceb42f" +checksum = "5230151e44c0f05157effb743e8d517472843121cf9243e8b81393edb5acd9ce" dependencies = [ "autocfg", "cc", @@ -3829,18 +3879,18 @@ dependencies = [ [[package]] name = "thiserror" -version = "1.0.35" +version = "1.0.37" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c53f98874615aea268107765aa1ed8f6116782501d18e53d08b471733bea6c85" +checksum = "10deb33631e3c9018b9baf9dcbbc4f737320d2b576bac10f6aefa048fa407e3e" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.35" +version = "1.0.37" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f8b463991b4eab2d801e724172285ec4195c650e8ec79b149e6c2a8e6dd3f783" +checksum = "982d17546b47146b28f7c22e3d08465f6b8903d0ea13c1660d9d84a6e7adcdbb" dependencies = [ "proc-macro2 1.0.43", "quote 1.0.21", diff --git a/crates/api/Cargo.toml b/crates/api/Cargo.toml index 737fa7cc..935a4788 100644 --- a/crates/api/Cargo.toml +++ b/crates/api/Cargo.toml @@ -22,7 +22,7 @@ lemmy_db_views_moderator = { version = "=0.16.5", path = "../db_views_moderator" lemmy_db_views_actor = { version = "=0.16.5", path = "../db_views_actor", features = ["full"] } lemmy_api_common = { version = "=0.16.5", path = "../api_common", features = ["full"] } lemmy_websocket = { version = "=0.16.5", path = "../websocket" } -activitypub_federation = "0.2.0" +activitypub_federation = { version = "0.2.2" } diesel = "2.0.0" bcrypt = "0.13.0" chrono = { version = "0.4.22", features = ["serde"], default-features = false } diff --git a/crates/api_crud/Cargo.toml b/crates/api_crud/Cargo.toml index 301015ad..161e57c0 100644 --- a/crates/api_crud/Cargo.toml +++ b/crates/api_crud/Cargo.toml @@ -16,7 +16,7 @@ lemmy_db_views = { version = "=0.16.5", path = "../db_views", features = ["full" lemmy_db_views_actor = { version = "=0.16.5", path = "../db_views_actor", features = ["full"] } lemmy_api_common = { version = "=0.16.5", path = "../api_common", features = ["full"] } lemmy_websocket = { version = "=0.16.5", path = "../websocket" } -activitypub_federation = "0.2.0" +activitypub_federation = { version = "0.2.2" } bcrypt = "0.13.0" serde_json = { version = "1.0.85", features = ["preserve_order"] } serde = { version = "1.0.145", features = ["derive"] } diff --git a/crates/apub/Cargo.toml b/crates/apub/Cargo.toml index 31b7dcbe..22e6a52b 100644 --- a/crates/apub/Cargo.toml +++ b/crates/apub/Cargo.toml @@ -20,7 +20,7 @@ lemmy_db_views = { version = "=0.16.5", path = "../db_views", features = ["full" lemmy_db_views_actor = { version = "=0.16.5", path = "../db_views_actor", features = ["full"] } lemmy_api_common = { version = "=0.16.5", path = "../api_common", features = ["full"] } lemmy_websocket = { version = "=0.16.5", path = "../websocket" } -activitypub_federation = "0.2.0" +activitypub_federation = { version = "0.2.2" } diesel = "2.0.0" activitystreams-kinds = "0.2.1" chrono = { version = "0.4.22", features = ["serde"], default-features = false } diff --git a/crates/apub/src/lib.rs b/crates/apub/src/lib.rs index 8fd8588b..b594acad 100644 --- a/crates/apub/src/lib.rs +++ b/crates/apub/src/lib.rs @@ -2,7 +2,7 @@ use crate::fetcher::post_or_comment::PostOrComment; use activitypub_federation::{ core::signatures::PublicKey, traits::{Actor, ApubObject}, - InstanceSettingsBuilder, + InstanceSettings, LocalInstance, }; use anyhow::Context; @@ -34,13 +34,14 @@ static CONTEXT: Lazy> = Lazy::new(|| { fn local_instance(context: &LemmyContext) -> &'static LocalInstance { static LOCAL_INSTANCE: OnceCell = OnceCell::new(); LOCAL_INSTANCE.get_or_init(|| { - let settings = InstanceSettingsBuilder::default() + let settings = InstanceSettings::builder() .http_fetch_retry_limit(context.settings().federation.http_fetch_retry_limit) .worker_count(context.settings().federation.worker_count) .debug(context.settings().federation.debug) // TODO No idea why, but you can't pass context.settings() to the verify_url_function closure // without the value getting captured. .verify_url_function(|url| check_apub_id_valid(url, &SETTINGS)) + .http_signature_compat(true) .build() .expect("configure federation"); LocalInstance::new( diff --git a/crates/apub_lib/Cargo.toml b/crates/apub_lib/Cargo.toml deleted file mode 100644 index 3aaebd41..00000000 --- a/crates/apub_lib/Cargo.toml +++ /dev/null @@ -1,31 +0,0 @@ -[package] -name = "lemmy_apub_lib" -version = "0.16.3" -edition = "2021" -description = "A link aggregator for the fediverse" -license = "AGPL-3.0" -homepage = "https://join-lemmy.org/" -documentation = "https://join-lemmy.org/docs/en/index.html" - -[dependencies] -lemmy_utils = { version = "=0.16.3", path = "../utils" } -lemmy_apub_lib_derive = { version = "=0.16.3", path = "../apub_lib_derive" } -chrono = { version = "0.4.19", default-features = false } -serde = { version = "1.0.136", features = ["derive"] } -async-trait = "0.1.53" -url = { version = "2.2.2", features = ["serde"] } -serde_json = { version = "1.0.79", features = ["preserve_order"] } -anyhow = "1.0.56" -reqwest = { version = "0.11.10", features = ["json"] } -reqwest-middleware = "0.1.5" -tracing = "0.1.32" -base64 = "0.13.0" -openssl = "0.10.38" -once_cell = "1.10.0" -http = "0.2.6" -sha2 = "0.10.2" -actix-web = { version = "4.0.1", default-features = false } -http-signature-normalization-actix = { version = "0.6.1", default-features = false, features = ["server", "sha-2"] } -http-signature-normalization-reqwest = { version = "0.5.0", default-features = false, features = ["sha-2", "middleware"] } -background-jobs = "0.12.0" -diesel = { version = "2.0.0-rc.0", features = ["chrono"] } diff --git a/crates/db_schema/Cargo.toml b/crates/db_schema/Cargo.toml index fc5e91b8..ea8d3440 100644 --- a/crates/db_schema/Cargo.toml +++ b/crates/db_schema/Cargo.toml @@ -24,7 +24,7 @@ url = { version = "2.3.1", features = ["serde"] } strum = "0.24.1" strum_macros = "0.24.3" serde_json = { version = "1.0.85", features = ["preserve_order"], optional = true } -activitypub_federation = { version = "0.2.0", optional = true } +activitypub_federation = { version = "0.2.2", optional = true } lemmy_utils = { version = "=0.16.5", path = "../utils", optional = true } bcrypt = { version = "0.13.0", optional = true } diesel = { version = "2.0.0", features = ["postgres","chrono","r2d2","serde_json"], optional = true } -- 2.44.1